ZDNet

Open-source team fights buffer overflows

The OpenBSD project hopes new changes to its latest release will eliminate "buffer overflows," a software issue that has been plaguing security experts for more than three decades. Theo de Raadt, the ...
CSOonline

New Snort overflow exploit

Snort can be buffer overflowed. About once a year, Snort gets a buffer overflow vulnerability. Any piece of additional software in a defense strategy has to be carefully considered (e.g. Snort, ...
Ars Technica

What causes code in buffer overflows to execute?

AFAIK, IANAP:<BR> <BR>Some programming languages (C, for instance) have certain functions that <I>do not</I> check whether an argument is too big for its buffer, eg printf(). There are functions that ...
Infosecurity-magazine.com

CISA and FBI Warn Against Buffer Overflow Vulnerabilities

A new alert from the US Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) has outlined strategies to eliminate buffer overflow vulnerabilities in ...
CSOonline

CISA, FBI call software with buffer overflow issues ‘unforgivable’

The federal directive forbids vendors from shipping software with such flaws, and flags recent Microsoft, and Ivanti zero-days as examples. FBI and CISA have issued a joint advisory to warn software ...
Network World

VoIP vulnerabilities increasing, but not exploits

PBXs are servers on corporate networks and are susceptible to the many exploits that networks in general are heir to, such as denial-of-service and buffer overflows. There have been few exploits so ...